Identity & security CLOUDCARD+ When security meets convenience

Similar documents
White Paper. The Impact of Payment Services Directive II (PSD2) on Authentication & Security

FIDO & PSD2. Providing for a satisfactory customer journey. April, Copyright 2018 FIDO Alliance All Rights Reserved.

Authentication Technology for a Smart eid Infrastructure.

PSD2 Compliance - Q&A

Applying biometric authentication to physical access control systems

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

FIDO Alliance Response to the European Banking Authority (EBA)

A NEW MODEL FOR AUTHENTICATION

PSD2 webinar session - Q&A

Using Biometric Authentication to Elevate Enterprise Security

Securing today s identity and transaction systems:! What you need to know! about two-factor authentication!

How Ezio ebanking Solutions help banks comply with PSD2

New Paradigms of Digital Identity:

Building the Business Case for Strong Authentication

How Next Generation Trusted Identities Can Help Transform Your Business

white paper SMS Authentication: 10 Things to Know Before You Buy

FIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS. Jeremy Grant. Managing Director, Technology Business Strategy Venable LLP

USE CASES. See how Polygon s Biometrid can be used in different usage settings

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

FIDO TECHNICAL OVERVIEW. All Rights Reserved FIDO Alliance Copyright 2018

The new standard for user authentication

2016 Global Identity Summit Pre-Conference Paper Hardening Authentication Technologies

Internet is Global. 120m. 300m 1.3bn Users. 160m. 300m. 289m

VOICE BIOMETRICS. estilo de subtítulo del patrón Solutions

PSD2 & OPEN BANKING Transform Challenge into Opportunity with Identity & Access Management E-BOOK

NFC Identity and Access Control

Put Identity at the Heart of Security

PCI DSS and VNC Connect

Authlogics for Azure and Office 365

Federated Authentication for E-Infrastructures

E-Share: Secure Large File Sharing

PCI DSS and the VNC SDK

Security Specification

Hassle-free banking in the DIGITAL AGE through NEXT-GEN. Technologies W H I T E PA P E R

Digital Identity Trends in Banking

Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS)

THE EUROPEAN PAYMENTS LANDSCAPE IN THE DIGITAL ERA

Who What Why

Transforming the Document Signing Process

Exploring the potential of Mobile Connect: From authentication to identity and attribute sharing. Janne Jutila, Head of Business Development, GSMA

Mobile strong customer authentication under PSD2: comparisons and considerations

Security Enhancements

INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY

The Future of Authentication

WHITE PAPER 2019 AUTHENTICATOR WHITE PAPER

Federated authentication for e-infrastructures

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Biometric information protection

EMERGING TRENDS AROUND AUTHENTICATION

Biometrics. Overview of Authentication

Identity Management as a Service

CASE STUDY - Preparing for a PCI-DSS Audit using Cryptosense Analyzer

ITU-T SG 17 Q10/17. Trust Elevation Frameworks

DigitalPersona for Healthcare Organizations

The Digital Identity Revolution

Dissecting NIST Digital Identity Guidelines

Next Generation Authentication

ABOUT MORPHO MAKING LIFE SAFER AND EASIER

Security Strategy for Mobile ID GSMA Mobile Connect Summit

E-Share: Secure Large File Sharing

Authentication and Fraud Detection Buyer s Guide

Deprecating the Password: A Progress Report. Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018

Pro s and con s Why pins # s, passwords, smart cards and tokens fail

hidglobal.com Still Going Strong SECURITY TOKENS FROM HID GLOBAL

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

Access Control with Fingerprint Recognition

FEITIAN Technologies, Co., Ltd.

Stop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico

FIDO AND PAYMENTS AUTHENTICATION. Philip Andreae Vice President Oberthur Technologies

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

iclass SE Platform Solutions The New Standard in Access Control

PSD2/EIDAS DEMONSTRATIONS

Survey Guide: Businesses Should Begin Preparing for the Death of the Password

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Authentication Methods

The Device Has Left the Building

LinQ2FA. Helping You. Network. Direct Communication. Stay Fraud Free!

Integration Guide. SafeNet Authentication Client. Using SAC CBA with BitLocker

Enterprise Mobility Management

Building an Assurance Foundation for 21 st Century Information Systems and Networks

Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans

Mobile Biometric Authentication: Pros and Cons of Server and Device-Based

Meeting the requirements of PCI DSS 3.2 standard to user authentication

Face recognition for enhanced security.

Safelayer's Adaptive Authentication: Increased security through context information

Security Principles for Stratos. Part no. 667/UE/31701/004

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

PKI is Alive and Well: The Symantec Managed PKI Service

Make security part of your client systems refresh

ASC Chairman. Best Practice In Data Security In The Cloud. Speaker Name Dr. Eng. Bahaa Hasan

PKI Credentialing Handbook

Electronic and digital signatures in Adobe Sign for government.

Adobe Sign and 21 CFR Part 11

How. Biometrics. Expand the Reach of Mobile Banking ENTER

Trusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN

BioPassport TM Enterprise Server

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Storage Made Easy. SoftLayer

MOBILITY TRANSFORMING THE MOBILE DEVICE FROM A SECURITY LIABILITY INTO A BUSINESS ASSET E-BOOK

Security Policies and Procedures Principles and Practices

Transcription:

Identity & security CLOUDCARD+ When security meets convenience

CLOUDCARD+ When security meets convenience We live in an ever connected world. Digital technology is leading the way to greater mobility and all the challenges and opportunities that this brings. One challenge faced by service providers, whether in the public or private sectors, is establishing trust in their added value online services. For this they need strong online user authentication. But SMS-OTP, today s most universal user authentication, is vulnerable to attacks and no longer inspires confidence among service providers. This means that service providers must integrate even more secure and reliable systems for user authentication. CloudCard+ from Safran Identity & Security is a new generation solution for strong online user authentication. It works anytime, anywhere and through any device. Easy to integrate into service providers existing IT infrastructure, CloudCard+ enables trusted online transactions between users and service providers. Its great strength is the combination of reliable authentication factors based on what users are (their biometrics), what users have (their smartphone) and what only the users know (their PIN code). Furthermore, CloudCard+ offers secure, easy transaction signature, that cannot be repudiated. CloudCard+ is fully adaptable to the policies and needs of service providers. It is delivered in a stand alone configuration or with DACS, Safran s versatile, multi-authentication factors platform. A broad range of applications Logical access control Transaction confirmation Mobile signature Strong Customer Authentication A PROOF OF LIFE

A truly powerful combination With CloudCard+, service providers can combine up to 3 authentication factors, depending on their security policy and their application. Service providers can offer their users convenient and secure means of authentication based on: what users are (their biometrics), what users have (their smartphone) and what only the users know (their PIN code). What users have (their smartphone) Users trust their smartphones because they already hold a lot of private data. Now the smartphone can do more than just text and pictures; it can also act as a trusted device to authenticate its owner. Through a secure process, CloudCard+ registers and binds the smartphone to its user s identity. What users are (their biometrics) No more password to remember! With biometrics the user is the password. Biometrics is the answer to completely reliable user authentication. Biometrics guarantee uniqueness and absolute trust in the user s identity. As easy as a selfie Simply position your face in front of the phone s camera and it s done! CloudCard+ performs liveness detection, automatic face capture and biometric matching. For complete privacy, CloudCard+ encrypts and securely stores your facial biometric authentication factor on your smartphone. As easy as unlocking your phone Just place your finger on the smartphone s sensor, that s all. CloudCard+ relies on the capabilities of the smartphone s embedded fingerprint sensor. CloudCard+ integrates that capability into its architecture to provide strong multi-authentication factors. WHAT ONLY THE USERS KNOW (their PIN code) 9 0 3 7 1 6 5 4 8 2 The PIN code is known only to the user. Additionally, the zero knowledge cryptography protocol ensures that the PIN code is not stored on the smartphone or on the backend. CloudCard+ uses the PIN code as an additional authentication factor. It does this by inviting the user to enter their PIN code through a secured shuffle key board. Furthermore, CloudCard+ uses the PIN code for secure, easy transaction signature, that cannot be repudiated.

A host of benefits A Fully Secured Solution Combination of up to 3 reliable authentication factors Anti-spoofing measures: liveness detection (3D face reconstruction, Challenge/Response), protection against eavesdropping on the biometric reference Safran biometrics inside: our matching algorithms rank with the world s finest, as measured by NIST (the National Institute of Standards and Technology) Secure communication channel with encrypted exchanges, ensuring confidentiality, integrity and anti-replay attack Proof of transaction generated Effective traceability via audit trail Privacy by Design Means of authentication controlled only by the user Zero knowledge cryptography protocol for the PIN Biometric references encrypted and stored on user s device No remote storage of user s identity Highly Efficient No specific hardware required Compatible with major operating systems Zero SMS-OTP and PIN management costs Easy update for end users, via online app stores Ultimate Customer Confidence and User Experience Increased usability and convenience for online authentication Greatly improved user experience with biometrics capture Anytime, anywhere, any device solution, for access to high value services Omni-channel configuration of authentication (in-app and out-of-band) Easily Customized, Easily Integrated Ready to use mobile SDK (with or without GUIs) for easy integration into service provider s specific mobile application Completely generic mobile application for service providers available from Safran via online app stores Modular, scalable architecture compatible with existing IT infrastructure COMPLIANT, CERTIFIED Compliant with PSD2 Regulatory Technical Standards (RTS). PSD2 compliance is a mandatory component for PSPs especially ASPSPs, ensuring strong customer authentication and consumer protection ISO 27001 approved GOV.UK Verify certified

Logical Access Control through biometrics and smartphone authentication factors Cloudcard+ Server Authentication of the end user: Device authentication Biometric matching Access authorization Signature & Encryption of all exchanges Secure communication channel Signature & Encryption of all exchanges End user s smartphone Service Provider App : CloudCard+ Mobile SDK inside On my behalf, please authenticate the user Secure communication channel Service Provider

CloudCard+ in action today Safran Identity & Security supports public and private organizations in their quest for modernization, especially through digital transformation. We provide a broad range of digital trust solutions, all of which are customizable to both the specific needs and the digital strategies of service providers. Here we present two examples of our partnerships, in which the capabilities of CloudCard+ provide significant benefits to large scale digital identity programs. Secure Identity in the UK New government verification service Since May 2016, GOV.UK Verify is the new way for people to access government services online. Secure Identity, powered by Safran Identity and Security, provides identity checking and highly secure authentication. Use of this service is free of charge. Smartphone-based solution, mobile convenience Based on a simple sign-in application Solution as a Service mode delivers a secure trust framework Combination of 2 authentication factors: smartphone app and PIN code Government-grade biometric matching planned for the near future

SECURE PAYMENT SERVICES - PSD2 COMPLIANT Convenient, secure, strong customer authentication The revised EU Payment Services Directive (PSD2) paves the way for strong customer authentication and consumer privacy in secure payment services. Coming into force in January 2018, several major European banks are currently deploying CloudCard+ in anticipation of the directive s requirements. Compliant with the PSD2 Regulatory Technical Standards proposed by the European Bank Authority, CloudCard+ is already adopted by major banks across Europe. CloudCard+ ensures a secure, seamless design offering: Mobile convenience in smartphone-based solutions; A combination of up to 3 independent authentication factors: *What customers have (their smartphone), *What only customers know (their PIN code), *What customers are (their face or fingerprint biometrics). The generation of a unique authentication code that dynamically links the transaction to a specific amount and a specific payee Protection for payment services credentials, both on the smartphone and during the exchange with the backend Combination of up to 3 authentication factors: What you have (smartphone), What you know (PIN code), What you are (face recognition)

Safran Identity & Security 11, boulevard Gallieni 92130 Issy-les-Moulineaux FRANCE Phone: +33 (0)1 58 11 25 00 Fax: +33 (0)1 58 11 25 50 www.safran-identity-security.com Safran Identity & Security may, at any time and without notice, make changes or improvements to the products and services offered and/or cease producing or commercializing them

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback